Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
IT Developments
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Thousands of web sites compromised, redirect to scareware

  • From: Brian Warkoczeski
  • Date: Wed Nov 18 16:30:10 2009
Thousands of web sites compromised, redirect to scareware

By Dancho Danchev

November 17th, 2009

www.zdnet.com

Security researchers have detected a massive blackhat SEO (search engine optimization) campaign consisting of over 200,000 compromised web sites, all redirecting to fake security software (Inst_58s6.exe), commonly referred to as scareware.

The compromised sites are using legitimately looking templates using automatically generated bogus content, with a tiny css.js (Trojan-Downloader.JS.FraudLoad) uploaded on each of them which triggers the scareware campaign only if the visitor is coming a search engine listed as known http referrer by the gang - in this case Google, Yahoo, Live, Altavista, and Baidu.

For rest of the article see:

http://blogs.zdnet.com/security/?p=4947&tag=nl.e550





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.